Google Acknowledges Data Breach: Alerting Users Impacted by Cyberattack

ByAdmin

Tech giant Google has officially acknowledged a significant data breach affecting its corporate Salesforce database, completing email notifications to affected users by August 8, 2025. On August 5, Google revealed that one of its corporate Salesforce instances was compromised in June 2025 by the notorious cybercriminal group known as ShinyHunters, officially tracked as UNC6040 by the Google Threat Intelligence Group. The breach exposed contact information and related notes for small and medium businesses stored in Google’s customer relationship management system. The cyberattack was orchestrated through sophisticated voice phishing (vishing) techniques, where threat actors impersonated IT support personnel to deceive Google employees into granting system access. This social engineering approach has become increasingly prevalent, with attackers manipulating human trust rather than exploiting technical vulnerabilities in the Salesforce platform itself.

According to Google’s analysis, the attackers gained access through a malicious version of Salesforce’s Data Loader application. During fraudulent phone calls, victims were guided to authorise what appeared to be a legitimate connected app, inadvertently granting the cybercriminals extensive capabilities to access and extract sensitive data. Google described the stolen information as “basic and largely publicly available business information, such as business names and contact details.” However, security researchers reported that ShinyHunters claimed to have obtained approximately 2.55 million data records from the breach. Google emphasised that the breach was contained within “a small window of time before the access was cut off.” The company immediately terminated the attackers’ access upon discovery, conducted a comprehensive impact analysis, implemented additional security mitigations, and began notifying affected customers. The notification process commenced in early August, with Google assuring users that payment information remained secure and that there was no impact on Google Ads data, Merchant Centre, Google Analytics, or other advertising products. 

Categories: Data Breach, Cybersecurity Threats, Social Engineering Techniques 

Tags: Data Breach, Google, Salesforce, Cybercriminal, ShinyHunters, Vishing, Social Engineering, Customer Relationship Management, Sensitive Data, Ransom Payments 

Leave a Reply

Your email address will not be published. Required fields are marked *